34 Oracle Portal

34.2.1 Oracle Portal 11g Release 1 (11.1.1) with Oracle Application Server Wireless

Integrating Oracle Application Server Wireless 10g with Oracle Portal 11g Release 1 (11.1.1) requires you to complete a set of manual steps, as described in the Metalink note 837837.1 (Oracle Portal 11g Release 1 (11.1.1) with Oracle Application Server Wireless). In addition, see the following Metalink notes for information about deprecated features in 10g:

• Deprecated Features in Oracle Application Server 10g Release 2 (10.1.2)

• Deprecated Features in Oracle Application Server 10g Release 3 (10.1.3)

34.2.2 Relevance of Instant Portal Documentation

Note that the information presented in Chapter 5, titled "Understanding Oracle Instant Portal," in the Oracle Fusion Middleware User's Guide for Oracle Portal applies to users upgrading their existing Instant Portals to Oracle Portal 11g Release 1 (11.1.1). For information about deprecated features in 10g, see the Deprecated Features in Oracle Application Server 10g Release 2 (10.1.2) Metalink note.

34.2.3 Editing a Database Link Requires Password

If the database where the portal schema is installed is version 10.2 or later, then users must re-enter the remote user's password when they rename or edit a database link from the Portal Navigator's Database Objects tab. This is applicable only for those database links that are created with the Specific User option.

34.2.4 Moving Content When Approval Is Enabled Does Not Require Approval

Moving content between pages or between regions of the same page does not trigger approvals. For example, when a target page is configured with an approval process and a contributor moves content from a source page to the target page, the moved content does not trigger the approval process on the target page, even when approval is required for all users.

34.2.5 Firefox and Safari Browsers Do Not Display Tooltips on Oracle Portal Screens

Firefox and Safari browsers do not support the display of tooltip text, which is set using the ALT attribute for image descriptions.

As a workaround, you can download and install browser-specific add-ons, such as Popup ALT Attribute for Firefox (see https://addons.mozilla.org/en-US/firefox/addon/1933).

34.2.6 Non-ASCII URLs Cannot be Decoded in Some Scenarios

If the JVM default character encoding is set to ISO8859-1, the Portal repository database character set must match with the JVM default character encoding. If this condition is not satisfied, non-ASCII URLs may become inaccessible.

34.2.7 Manual Changes to Oracle Portal Default Schema Objects

Any manual changes to Oracle Portal default objects, such as tables, views, packages, or indexes are not supported. Such changes may render Oracle Portal unusable. Note that the internal structure of Portal objects can change between versions.

For more information, see the 403179.1 Metalink note.

34.2.8 Creating Readable URLs

If you are using Secure Enterprise Search (SES), then by default, the search result of your Portal displays durable URL format for an item or a page. To display your URL as a readable format, perform the following steps:

1. Run sbrsrxml.sql, located at ORACLE_HOME\upgrade\portal\admin\plsql\wws in Windows and ORACLE_HOME/upgrade/portal/admin/plsql/wws, in UNIX, using your Portal schema password.

2. Enter the value 0, for example @wws\sbrsrxml.sql 0 in Windows.

After you run a full SES crawl, your URL is displayed in a readable format. And if you want your URL to display the durable URL format, then run sbrsrxml.sql and enter the value 1.

34.2.9 Encrypting a Password in MOD_ORADAV.CONF

This section describes how to encrypt a password in the mod_oradav.conf file. Perform the following tasks:

Editing the DAV Password

To edit the password in the mod_oradav.conf file, do the following:

1. Open your mod_oradav.conf file, located at INSTANCE_HOME/config/OHS/ohs1/moduleconf (UNIX).

2. Locate the DAV entry for which you wish to change the password. In a default portal instance, you can find the DAV configuration entry in the following directive:

   <Location /dav_portal/portal>
   

3. In the DAV entry, remove the directive ORACRYPTPASSWORD (For example, DAVParam ORACRYPTPASSWORD BS50NfrosVZOjfgc9hUQ9wcbFFxLSYT/BA==), and replace with the clear text password using the following syntax:

   DAVParam ORAPASSWORD <your_password_here>
   

   For example:

   If you want to have a password of passwd123, add a line as follows: DAVParam ORAPASSWORD passwd123.

4. Save the file.

Obfuscate the Password

After editing the DAV password, it is recommended that the DAV password be obfuscated by running the oradavTool.pl script located at ORACLE_HOME/bin in UNIX and ORACLE_HOME\bin in Windows. To do so, perform the following steps:

1. If necessary, change the user to the Oracle software owner user, typically oracle, using the following command:

   su - oracle
   

2. Set the ORACLE_HOME environment variable to specify the path to the Oracle home directory for the current release, and set the PATH environment variable to include the directory containing the Perl executable and the location of the oradavTool.pl script (Located at ORACLE_HOME/ohs/bin in UNIX and ORACLE_HOME\ohs\bin in Windows).

   Bourne, Bash, or Korn shell:

   $ ORACLE_HOME=new_ORACLE_HOME_path;export ORACLE_HOME
   PATH=$ORACLE_HOME/bin:$ORACLE_HOME/perl/bin:$PATH;export PATH
   

   C or tcsh shell:

   % setenv ORACLE_HOME new_ORACLE_HOME_PATH
   % setenv PATH ORACLE_HOME/bin:$ORACLE_HOME/perl/bin:PATH
   

   On Microsoft Windows, set the PATH and PERL5LIB environment variable:

   set PATH=ORACLE_HOME\bin;%ORACLE_HOME%\perl\bin;%PATH%
   set PERL5LIB=ORACLE_HOME\perl\lib
   

3. On UNIX platforms, set the shared library path environment variable

   Include the ORACLE_HOME/lib or lib32 directory in your shared library path. Table 34-1 shows the appropriate directory and environment variable for each platform.

   Table 34-1 Shared Library Path Environment Variable

   Platform	Environment Variable	Include Directory
   AIX Based Systems	LIBPATH	ORACLE_HOME/lib
   HP-UX PA-RISC	SHLIB_PATH	ORACLE_HOME/lib
   Solaris Operating System	LD_LIBRARY_PATH	ORACLE_HOME/lib32
   Other UNIX platforms, including Linux and HP Tru64 UNIX	LD_LIBRARY_PATH	ORACLE_HOME/lib

   
   

   For example, on HP-UX PA-RISC systems, set the SHLIB_PATH environment to include the ORACLE_HOME/lib directory:

   $SHLIB_PATH=$ORACLE_HOME/lib:$SHLIB_PATH;export SHLIB_PATH
   

4. Change directory to the ORACLE_HOME/bin (UNIX) directory, as this is the location of the oradavTool.pl script.

5. Invoke the following Perl script to encrypt the mod_oradav.conf password:

   perl oradavTool.pl -f mod_oradav.conffilename
   

   Where mod_oradav.conffilename is the filename for mod_oradav.conf, which includes the full path to the mod_oradav.conf file.

   For example, in UNIX:

   perl oradavTool.pl -f /u01/app/oracle/as11gr1/ORACLE_INSTANCE/config/OHS/<ohs_name>/moduleconf/mod_oradav.conf
   

6. The directive ORAPASSWORD is updated with the new directive ORACRYPTPASSWORD, and your password is obfuscated.

7. Restart your Oracle HTTP Server.

34.2.10 Migrating an External Application

When migrating an external application during the cloning process, you must run the ssomig utility after the import is completed as follows:

1. Open the tnsnames.ora file, and enter connect string entries to the sso database in tnsnames.ora file.

2. Set the TNS_ADMIN environment variable to the tnsnames.ora file location.

3. Run the ssomig utilty (Located at INFRA_HOME/sso/bin):

   $INFRA_HOME/sso/bin/ssomig -import -overwrite -s orasso -p <<ORASSO_SCHEMA_PASSWORD>> -c <<TNS_ALIAS>> -d ssomig.dmp -log_d <<ABSOLUTE_PATH_FOR_MREXPDIR>> -discoforce
   

34.2.11 Availability of JPDK Samples

In Oracle Portal 11g Release 1 (11.1.1), JPDK samples are not available, by default. The jpdk.ear file and can be deployed, by performing the following:

1. Log on to the Oracle WebLogic Server Administration Console.

2. If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit.

3. In the Domain Structure tree, select Deployments.

   The Summary of Deployments page is displayed.

4. Click Install.

5. Select jpdk.ear from your directory (Located at ORACLE_HOME/archives/applications), and click Next.

6. Select Install this deployment as an application, and click Next.

7. Check the target from the Install Application Assistant page, and click Next.

8. In the Name field, enter a name for the deployment.

9. Click Finish.

10. Click Activate Changes.

11. From the Summary of Deployments page, select the application and click Start.

34.2.12 Error when creating RCU portal schema

If RCU portal schema creation fails with the error message ORA-24246: empty access control list (ACL) not allowed, do the following:

1. Connect to the database as a SYS user.

2. At the SQL prompt, run the following command:

   BEGIN
         DBMS_NETWORK_ACL_ADMIN.drop_acl (
             acl         => '/sys/acls/portal-permissions.xml');
         COMMIT;
       END;
       /
   

34.2.13 Internal Error when Using Portal Search With Oracle Text Enabled to Search for Pages

If you have Oracle Text enabled, the following internal server error may occur when you are searching for Pages:

Internal error (WWC-00006)
An unexpected error has occurred (WWS-32100)
Unknown Exception (WWC-45131)
User-Defined Exception (WWV-11230)
Unexpected error - ORA-00600: internal error code, arguments:
[qkeIsExprReferenced1], [], [], [], [], [], [], [] (WWC-35000)

If this error occurs, you must download and install database updates from http://updates.oracle.com/download/7041059.html.

34.2.14 IPv6 Support in Oracle Portal 11g Release 1 (11.1.1)

Oracle Portal 11g Release 1 (11.1.1) is not directly supported on Internet Protocol Version 6 (IPv6). The supported configuration comprises the following:

• An IPv4/IPv6 reverse proxy setup on an IPv4/IPv6 dual stack machine.

• The Portal mid-tier and the backend database on IPv4 machines, and clients accessing the Portal server through the proxy.

34.3.1 Relative Hypertext Links to Images and Documents May Break After Upgrade

When upgrading to Oracle Portal 11g Release 1 (11.1.1), relative hypertext links to images and documents may be broken. This can occur when the relative hypertext link uses a different case than the file name. For example, if a pre-upgrade image was uploaded to your portal with the name PROCESS1.GIF, and a hypertext link is referring to process1.gif, after the upgrade, the relative hypertext link to the image will be broken. You are most likely to encounter this in HTML templates or in documents that refer to images or other documents.

To address this issue, edit image and document names, making their case agree with the case used for the file names.

34.3.2 Resetting FILE_ACCESS_ROLE if Set Before Installing or Upgrading to Oracle Portal 11g Release 1 (11.1.1)

If you have set the FILE_ACCESS_ROLE system parameter in the database before installing or upgrading to Oracle Portal 11g Release 1 (11.1.1), you may want to reset it after the installation or upgrade.

The FILE_ACCESS_ROLE system parameter is used to specify the name of a database role that is authorized to create an index using the FILE or URL datastores. If the parameter is set, any user attempting to create an index using FILE or URL datastores must have this role otherwise the index cannot be created.

In database versions earlier than Oracle Database 11g Release 2, if the FILE_ACCESS_ROLE parameter was not set, users did not need to have a specific role to create indexes using the FILE or URL datastores. From Oracle Database 11g Release 2 onwards, if the FILE_ACCESS_ROLE parameter is not set, the URL and File datastore are disabled and indexes using the FILE or URL datastores cannot be created. For more information, see the Oracle Text documentation at http://www.oracle.com/technology/products/text/index.html.

When installing or upgrading to Oracle Portal 11g Release 1 (11.1.1), into a database that is Oracle Database 11g or higher, the following events occur:

• The "PORTAL_SEARCH_FILE_ACCESS_ROLE" role is created.

• The "PORTAL_SEARCH_FILE_ACCESS_ROLE" role is granted to the portal schema.

• The FILE_ACCESS_ROLE system parameter set to "PORTAL_SEARCH_FILE_ACCESS_ROLE" regardless of whether the preference was originally set

If the FILE_ACCESS_ROLE system parameter was set before installing or upgrading to Oracle Portal 11g Release 1 (11.1.1) from a previous version, you may want to set it back to the original role. If you reset it to another role, you must grant that role to the Oracle Portal schema for Oracle Portal Search to function correctly.

34.3.3 Upgrading from Oracle Portal 10g to Oracle Portal 11g Release 1 (11.1.1)

• After you upgrade from Portal 10g Release 2 (10.1.4) to Portal 11g Release 1 (11.1.1), translations of some components or portlets will be missing, for example survey builder, User Surveys, and so on. To fix this issue, you must refresh the database provider, by login to the Oracle Portal, then go to Navigator, Providers, Registered Providers and then select your database provider, and then click Refresh. After refreshing you should be able to see the translations.

• After you upgrade from Portal 10g release to Portal 11g Release 1 (11.1.1), you will not able to refresh the tools producers (omni, webclip, or sample) that were registered from the previous release. To fix this problem, log in to Oracle Portal, then go to Administer. Click Portlets tab, and enter the name of your registered producer (Registered from the previous release) in the Remote Providers section. Click Refresh.

34.3.4 Upgrading Sample WSRP Providers During a Portal Midtier Upgrade

The Sample WSRP provider does not upgrade automatically during a Portal midtier and any instances of portlets on pages from that producer will give an error post upgrade. To upgrade the SampleWSRP Web Provider, do the following:

1. Deploy the wsrp-samples.ear file to the new Portal managed server (WLS_PORTAL) instance using the Oracle WebLogic Server Administration Console.

2. Make the preference store that the old producer used available to the new instance. You can do this, by making the new producer use the same preference store (in scenario, where the data base preference store is used), or by migrating the preference store using the preference store migration utility.

3. Update the registration details in portal to point to the new location of the producer, by using the Edit Registration page within Portal.

34.3.5 Upgrading Portal 10g SSL Environment to Oracle Portal 11g Release 1 (11.1.1)

When you upgrade SSL environment from Oracle Portal 10g to Oracle Portal 11g Release 1 (11.1.1), you will not able to login to Oracle Portal, when you have SSO and Portal Midtier on the same hostname. Internet Explorer has a problem redirecting back and forth on the same hostname between two different ports under SSL mode. As a workaround, you can use Mozilla Firefox.

34.4.1 Interoperability Between Oracle Portal 11g Release 1 (11.1.1) with Secured Enterprise Search (SES) 10.1.8.3

For this interoperability scenario to work, you must download and install updates from http://updates.oracle.com/download/7685124.html and see 816929.1 from http://metalink.oracle.com.

34.4.2 Interoperability Between Oracle Portal 11g Release 1 (11.1.1) with Secured Enterprise Search (SES) 10.1.8.4

For this interoperability scenario to work, you must download and install updates from http://updates.oracle.com/download/7971335.html.

34.4.3 Creating Webproviders in the Oracle Portal 11g Release 1 (11.1.1) Midtier Interoperability with Oracle Portal Repository 10g Release

In Portal 11g 1 (11.1.1), you cannot create webproviders when you are using 11g midtier with 10g portal repository.

34.6.1 Export and Import Does Not Support Reports Server Components

If you include Reports Server Components within a transport set, then they are deleted on export and import. In addition, do not configure the Oracle Reports item type in any page groups intended for export and import. If you do, then the following error is displayed when you try to configure item types in the imported page group (by clicking the Content Type and Classifications Edit link on the Configure tab for the page group):

Internal error (WWC-00006)
Unexpected error - User-Defined Exception (WWC-35000)
Unexpected error - ORA-01403: no data found (WWC-35000)

34.6.2 Saving the Transport Set

After you complete the transport set transfer, click Display Manifest to display the transport set manifest. Ensure that you save the transport set before performing the precheck of the transferred data. This step takes the manifest changes.

34.6.3 Error when importing a page group

Importing a page group may fail with the following error message:

[Error:  (WWU-80338)] context = Schema Validation user = 
ORCLADMIN There were some inconsistencies found and hence import process is aborted.Check the debug log for further details.Fix those inconsistencies, by running schema validation in cleanup mode to proceed

This problem might occur after deleting a page group containing shared portlets. You must run SVU in cleanup mode to ensure a smooth export or import process.

34.7.1 Registering WSRP Producers in Enterprise Configurations

When you register a WSRP producer in an Enterprise configuration, you must create a Web Services Definition Language (WSDL) document manually, then register the WSRP producer using that WSDL. This is because the dynamically generated WSDL creates URLs using the HTTPS protocol and the HTTPS port while WSRP producers use HTTP.

To create a WSDL document manually, perform the following tasks:

1. View the dynamically generated WSDL through your browser (preferably Internet Explorer).

   To view the WSDL for our WSRP samples, go to:

   http://host:external http port/portletapp/portlets?WSDL
   

2. Save the file from the browser to any externally available location.

   For our WSRP Samples, save the file from the browser into the following directory:

   ORACLE_HOME/j2ee/home/applications/portletapp/wsrp-samples

   Save the file as wsrpsamples.wsdl.

3. Edit the file, replacing https with http and correcting the ports to be the external http ports.

4. View the file through a browser.

   For example, for our WSRP Samples use the following URL:

   http://host:external http port/portletapp/wsrpsamples.wsdl
   

5. Use the URL to your *.wsdl file (such as the URL under Step 4) when you register the WSRP producer.

For more information about Enterprise configurations, see the Oracle Fusion Middleware Enterprise Deployment Guide for Java EE.

34.7.2 Setting up the WSRP and JPDK Application in Oracle Portal

This section describes steps to manually configure the WSRP and JPDK application and deploying them on the Oracle WebLogic Server. This section includes:

• Deploying the WSRP

• Deploying the JPDK

34.7.3 Issue When Accessing Page Portlet Using Federated Portal Adapter

The Federated Portal Adapter enables you to display remote portal pages in your portal. However, if both portal instances do not share the same Oracle Single Sign-On server, then you cannot display a remote portal page as a page portlet, even if the remote page is public. A message is displayed instead of the page portlet, as shown in the following example:

Portlet 257,75057 responded with content-type text/plain when the client was requesting content-type text/html

As a workaround, configure both portal instances to use the same Oracle Single Sign-On server.

34.7.4 Error in JPS Portlet After Redeployment

When you redeploy your portlets to the portlet container, all existing sessions between the producer and all of its consumers are lost. If a consumer tries to reuse an existing producer session, then it may receive an error message the first time it tries to contact the producer after redeployment, as shown in the following example:

Error: Could not get markup. The cookie or session is invalid or there is a runtime exception.

To reestablish the producer's session, refresh the portal page. You will not see this error message if you are reaccessing the portlet from a new browser session because it automatically establishes a new producer session.

34.7.5 SSL Support for Oracle Portal Integration Solutions (Microsoft Exchange)

SSL support is not available for Oracle Portal Integration Solutions (Microsoft Exchange). This is a known limitation.

34.9.1 Text Entry Always Right to Left in BiDi Languages

The direction of all text areas and fields is right to left (RTL). However, you may want some text areas to work left to right (LTR). Internet Explorer users can change this by pressing the left hand side Ctrl and Shift keys.

34.9.2 Non-ASCII Character Limitations in Oracle Portal

When you copy and paste an item URL containing non-ASCII characters from one browser Location or Address field into another, you may not be able to access the item if your login credentials have not been authenticated through OracleAS Single Sign-On.

As a workaround, log in to the portal before you access the item and copy the item URL.

34.9.3 Multibyte Characters in Log Files

In some scenarios, multibyte characters in log files may get corrupted.

For example, when the WLS_PORTAL managed server is started from the Oracle WebLogic Server Administration Console, multibyte characters, such as username, password, and is starting, may get corrupted.

Workarounds:

• Change -Dfile.encoding=iso-8859-1 to -Dfile.encoding=utf8 in the WLS_PORTAL start-up parameter through the Oracle WebLogic Server Administration Console.

• Change -Dfile.encoding=iso-8859-1 to -Dfile.encoding=utf8 in the setDomainEnv.sh file (Located at MIDDLEWARE_HOME/user_projects/domains/DomainName/bin).

For more information, see the 403179.1 Metalink note.

34.10.1 Retrieving Object Privileges

Section "15.1 Retrieving Object Privileges" in the Oracle Fusion Middleware Developer's Guide for Oracle Portal has an inaccurate example for Example 15-1 Retrieving the List of Privileges for a Page (grantee_list API). The example should read as follows:

declare 
  l_grantees         wwsec_api.grantee_array; 
  l_object_type_name varchar2(5)  := wwsec_api.PAGE_OBJ; 
  l_name             varchar2(60) := '33/17623'; 
begin 
  -- Call the function. 
  l_grantees := wwsec_api.grantee_list( 
    p_object_type_name => l_object_type_name, 
    p_name            => l_name 
  ); 
  -- Output the results 
  if l_grantees is not null then 
    if l_grantees.count > 0 then 
      for i in l_grantees.first..l_grantees.last loop 
        if l_grantees.exists(i) then 
          dbms_output.put_line('GRANTEE_TYPE '||to_char(i)||'= 
'||l_grantees(i).GRANTEE_TYPE); 
          dbms_output.put_line('GRANTEE_ID '||to_char(i)||'= 
'||l_grantees(i).GRANTEE_ID); 
          dbms_output.put_line('GRANTEE_NAME '||to_char(i)||'= 
'||l_grantees(i).GRANTEE_NAME); 
          dbms_output.put_line('PRIVILEGE '||to_char(i)||'= 
'||l_grantees(i).PRIVILEGE); 
        end if; 
      end loop; 
    end if; 
  end if; 
exception 
  ... 
end; 
/ 

34.10.2 Configuring Virtual Hosts

Section "6.4 Configuring Virtual Hosts" in the Oracle Fusion Middleware Administrator's Guide for Oracle Portal, has a missing step. This step should come after the section "6.4.2 Configure Oracle Web Cache" as follows:

Register Oracle Portal with OracleAS Single Sign-On

To register Oracle Portal with OracleAS Single Sign-On, do the following:

1. Run ssoreg to register the virtual host, www.abc.com, for which mod_osso facilitates single sign-on. The specific application URLs to be defined as partner applications within this site are defined in the file osso.conf. ssoreg is located on the middle tier in ORACLE_HOME/sso/bin for UNIX and ORACLE_HOME\sso\bin for Windows).

   The following example shows the usage of ssoreg:

   ORACLE_HOME/sso/bin/ssoreg.sh
   -site_name www.abc.com:8090
   -config_mod_osso TRUE
   -mod_osso_url http://www.abc.com:8090
   -remote_midtier
   -config_file ORACLE_HOME/Apache/Apache/conf/osso/osso_xyz.conf
   

2. Copy the osso.conf file to the INSTANCE_HOME/config/OHS/ohs1 directory.

3. Open the httpd.conf file (located at INSTANCE_HOME/config/OHS/ohs1) using a text editor and add the following osso.confparameters:

   <VirtualHost *:8888>
      ServerName www.xyz.com:8090
      ServerAdmin you@your.address
      RewriteEngine On
      RewriteOptions inherit
      OssoIpCheck off   OssoSecureCookies of   OssoIdleTimeout off
      OssoConfigFile osso_xyz.conf
      OssoIpCheck off
   </VirtualHost>
   

4. Restart the Oracle HTTP Server.

34.10.3 Configuring Loopback to the Internal Server

In the section "Configuring Loopback to the Internal Server" in the Oracle Fusion Middleware Administrator's Guide for Oracle Portal, ensure that you add an entry for the proxy machine in the in the local host file on the database machine. This step is required for the database machine to resolve the address of the proxy machine on the network.

34.10.4 Re-Registering the Oracle HTTP Server Partner Application

In the section "Re-Registering the Oracle HTTP Server Partner Application" in the Oracle Fusion Middleware Administrator's Guide for Oracle Portal has an inaccurate example. The example should read as follows:

ORACLE_HOME/sso/bin/ssoreg.sh 
  -site_name www.abc.com
  -config_mod_osso TRUE
  -mod_osso_url https://www.abc.com:4443
  -update_mode Modify
  -remote_midtier
  -config_file INSTANCE_HOME/config/OHS/ohs1/osso.conf
  -admin_info cn=orcladmin

34.10.5 Configuring End-to-End SSL for an Upgraded Oracle Portal Environment

Section "4.1.3 Configuring End-to-End SSL" in the Oracle Fusion Middleware Upgrade Guide for Oracle Portal, Forms, Reports, and Discoverer, has some missing steps. You must perform these steps after you have completed step 4. The additional steps are as follows:

1. Import the Web Cache SSL certificate into the Portal Database Wallet's trust store.

2. If you don't have a database wallet, you could create one using Oracle wallet manager or orapki utility in the installation where the database resides. Once you have the wallet, import the SSL certificate of web cache into the database wallet.

3. This wallet location has to be registered into the Portal preference store using the secwc.sql script, located at ORACLE_HOME/portal/admin/plsql/wwc.

   Example 34-1 Registering the Wallet

   cd $ORACLE_HOME/portal/admin/plsql/wwc
   sqlplus <portal_schema/<portal_pwd>@connectstring sql> @secwc.sql <wallet_location> <wallet_pwd>
   sql> @secwc.sql 'file:/u01/app/oracle/product/1021_prodee/dbwallet''welcome1'
   

34.10.6 Upgrading the Portal Schema in a Customer Database

This section details the steps for upgrading a portal schema residing in a customer database configuration outside the OracleAS Metadata Repository.

To upgrade the portal schema residing in a customer database, you must use the upgrade.bat (Windows) or upgrade (UNIX) script. Perform the following steps to upgrade the portal schema residing in a customer database:

1. Set the ORACLE_HOME environment variable to the Oracle home of the midtier.

2. Add the Transparent Network Services (TNS) entry of the database containing portal schema to Instance_Home\config in Windows and Instance_Home/config in UNIX.

3. Set the TNS_ADMIN environment variable to the following location: INSTANCE_Home/config (UNIX).

4. Ensure that you are able to connect to database using portal schema.

5. Verify if you can connect to the portal schema in the database Oracle home by specifying the schema password and the TNS name using SQL*Plus.

   For example in UNIX:

   sqlplus portal/portal@orcl 
   

6. Change the directory to ORACLE_HOME/upgrade/portal/admin/plsql (UNIX).

7. Stop all Oracle Fusion middleware services in the middle-tier Oracle homes that are associated with the portal schema being upgraded. For this, stop the WLS_PORTAL through the Oracle WebLogic Server Administration Console and run INSTANCE_HOME/bin/opmnctl stopall (UNIX).

8. Verify that the Oracle Internet Directory associated with the portal schema is up and running.

9. Run the upgrade script in precheck mode until there are no errors found.

   On UNIX, run the script as follows:

   ORACLE_HOME/upgrade/portal/admin/plsql/upgrade -precheck 
   

   When -precheck is specified, only the pre-upgrade checks are done and the upgrade exits after that. In this mode, the upgrade is not immediately terminated if a precheck fails. Instead, the errors for all prechecks are consolidated in the upgrade.log file. This file is generated in the ORACLE_HOME/upgrade/portal/admin/plsql (UNIX) directory. Look at the end of the log file to see a list of checks that failed. Run the upgrade in this mode until none of the prechecks fails. In this mode, the schema is not altered, so restoring from your backup is not necessary between runs.

   Look up any errors found in the precheck log file. Contact Oracle Support Services for any errors that are not documented or that cannot be resolved by following documented actions.

10. After resolving all warnings and errors from the precheck.log file, run the upgrade script without any parameters.

    On UNIX, run the script as follows:

    ORACLE_HOME/upgrade/portal/admin/plsql/upgrade 
    

    The script prompts you for information about the system setup. Your answers are echoed for verification at the end of the script. However, if you discover that you have entered incorrect information before the end of the script, then you can exit before any changes are made by answering n to the last script inquiry.

    The following are the questions from the script. Default answers to the questions are given in brackets.

    • Have you backed up your database (y|n)? [y]:

      If you have not backed up the database, then answer n, back up the database, and restart the script. If you have backed up the database, then answer y.

    • Enter the name of the schema you would like to upgrade [portal]:

      If the schema name is different from the default OracleAS Infrastructure 10g installation schema name of portal, then enter the schema name.

    • Enter the password of the schema you would like to upgrade [portal]:

      If the password is not the same as the schema name, then enter the portal schema password.

    • Enter the password for the SYS user of your database [change_on_install]:

      If the password is not change_on_install, then enter the database SYS password.

    • Enter the TNS connect string to connect to the database [orcl]:

      Provide the TNS connect string. This can be found in the INSTANCE_HOME/config/tnsnames.ora file (UNIX).

11. When the script is complete, examine the upgrade log files in the current directory to make sure there are no errors reported at the end.

12. Now start the midtiers assosicated with this repository. Check that portal is accessible.

34.10.7 End to End SSL for Oracle Portal

Section '7.3.2.1.4 End to End SSL for Oracle Portal" in the Oracle Fusion Middleware Administrator's Guide for Oracle Portal, has some inaccurate information in the following subsections:

• Securing Oracle Web Cache

• Specifying Oracle Portal Published Address and Protocol

• Configure HTTP Server

<VirtualHost *:8890>
UseCanonicalName On 
ServerName https://dadvmn0041.us.abc.com:8094 
<IfModule ossl_module> 
SSLEngine on 
SSLVerifyClient None 
SSLCipherSuite 
SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SH 
A,SSL_RSA_WITH_DES_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_C BC_SHA 
SSLCRLCheck Off 
SSLWallet   
@ "${ORACLE_INSTANCE}/config/${COMPONENT_TYPE}/${COMPONENT_NAME}/keystores/default"

34.10.8 Configuring and Registering Web Providers, Provider Groups, and WSRP Producers Exposed Over SSL

Configuring and Registering WSRP Producers Exposed Over SSL, in section "7.3.2.1.7 Configuring and Registering Web Providers, Provider Groups, and WSRP Producers Exposed Over SSL" of the Oracle Fusion Middleware Administrator's Guide for Oracle Portal has incorrect information for point a in step 4. This should be as follows:

For registering SSL enabled providers with Oracle Portal Repository, you must import the client certificate as a trusted certificate into the configured keystore for Oracle Portal.

For out-of-the-box seeded providers like Omniportlet, WebClipping, JPDK do the following:

• If the seeded providers are registered to Oracle Portal using Oracle Portal Web Cache SSL port (Configured for SSL only for Oracle Web Cache), then you have to import Oracle Portal Web Cache SSL certificate as a trusted certificate into the configured trust keystore where the J2EE war/ear file is deployed (WLS_PORTAL).

• If the seeded providers are registered to Oracle Portal using Oracle Portal Web Cache SSL port (Configured for end-to-end SSL), then you must perform the following:

  • Import Portal Web Cache SSL certificate, as a trusted certificate into the configured trust keystore(s) where the J2EE war/ear file is deployed (WLS_PORTAL).

  • Open portal.conf file (located at INSTANCE_HOME/config/OHS/ohs1/moduleconf in UNIX and INSTANCE_HOME\config\OHS\ohs1\moduleconf in Windows) and turn on the WLProxySSL parameter in the seeded providers redirection definition. The example below shows the updated portal.conf file for the seeded providers.

    Portal Tools

    <Location /portalTools>
        SetHandler weblogic-handler
        WebLogicHost stanj18.us.abc.com
        WebLogicPort 9001
         WLProxySSL ON
    </Location>
    

    WSRP Tools

    <Location /wsrp-tools>
        SetHandler weblogic-handler
        WebLogicHost stanj18.us.abc.com
        WebLogicPort 9001
        WLProxySSL ON
    </Location>
    

    Rich Text Portlet

    <Location /richtextportlet>
        SetHandler weblogic-handler
        WebLogicHost stanj18.us.abc.com
        WebLogicPort 9001
        WLProxySSL ON
    </Location>
    

    JPDK

    <Location /jpdk>
        SetHandler weblogic-handler
        WebLogicHost stanj18.us.abc.com
        WebLogicPort 9001
         WLProxySSL ON
    </Location>
    

34.10.9 SSL to Oracle Web Cache

Configuring the Parallel Page Engine, in section "7.3.2.1.3 SSL to Oracle Web Cache" of the Oracle Fusion Middleware Administrator's Guide for Oracle Portal, has a missing step. After you have completed Step 3, in the Configuring the Parallel Page Engine section, You need to configure the HTTP settings in the Oracle WebLogic Server Administration Console as follows:

1. Log in to Oracle WebLogic Server Administration Console.

2. If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit.

3. In the left pane of the Console, expand Environment and select Clusters.

4. Select the cluster server and, then the HTTP tab.

5. In the HTTP page enter the following information:

   • Frontend HTTP Port: Enter your Web Cache HTTP port, for example 8090.

   • Frontend HTTPS Port: Enter your Web Cache SSL port, for example 8094.

6. Click Save.

7. Click Activate Changes.

8. Restart your managed server.